We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

IT Risk Assessment

essay
The whole doc is available only for registered users

A limited time offer! Get a custom sample essay written according to your requirements urgent 3h delivery guaranteed

Order Now

1. What is the goal or objective of an IT risk assessment? The aim of the risk assessment process is to remove a hazard or reduce the level of its risk by adding precautions or control measures, as necessary. By doing so, you have created a safer and healthier workplace.

2. Why is it difficult to conduct a qualitative risk assessment for an IT infrastructure? It is difficult to conduct a qualitative risk assessment for an IT infrastructure because it determines the level of risk based on the probability and impact of the risk. You determine these values by gathering the opinions of experts.

3. What was your rationale in assigning “1” risk impact/risk factor value of “Critical” for an identified risk, threat or vulnerability? The “1” risk, threat, or vulnerability impacts compliance and places the company in position of increased liability but is not as critical as “2” or ‘3.”

4. When you assembled all of the “1” and “2” and “3” risk impact/risk factor values to the identified risks, threats, and vulnerabilities, how did you prioritize the “1”, “2”, and “3” risk elements? What would you say to the executive management in regards to your final recommended prioritization? a) Critical – a risk, threat, or vulnerability that impacts compliance and i. places the organization in a position of increased liability. b) Major – a risk, threat, or vulnerability that impacts the C-I-A of an organization’s intellectual property assets and IT infrastructure. c) Minor – a risk, threat, or vulnerability that can impact user or employee productivity or availability of the IT infrastructure. This prioritization is what is best because you want to know the highest level of vulnerability to the lowest.

5. Identify a risk mitigation solution for each of the following risk factors: a) User downloads and clicks on an unknown e-mail attachment. – Restrict user access and set it up so the user has to get authorization for downloads b) Workstation OS has a known software vulnerability. – Patch or update software. c) Need to prevent eavesdropping on WLAN due to customer privacy data access. – Increase WLAN security using WPA2 and AES encryption. d) Weak ingress/egress traffic filtering degrades performance. – Strengthen firewall filtering. e) Dos/Ddos attack from the WAN/Internet. – Strengthen firewall security; install IPS and IDS systems to the infrastructure. f) Remote access from home office. – Make sure the VPN is in place and secure. g) Production server corrupts database. – Remove server, restore database from last non-corrupt backup, and remove corruption from system.

Related Topics

We can write a custom essay

According to Your Specific Requirements

Order an essay
icon
300+
Materials Daily
icon
100,000+ Subjects
2000+ Topics
icon
Free Plagiarism
Checker
icon
All Materials
are Cataloged Well

Sorry, but copying text is forbidden on this website. If you need this or any other sample, we can send it to you via email.

By clicking "SEND", you agree to our terms of service and privacy policy. We'll occasionally send you account related and promo emails.
Sorry, but only registered users have full access

How about getting this access
immediately?

Your Answer Is Very Helpful For Us
Thank You A Lot!

logo

Emma Taylor

online

Hi there!
Would you like to get such a paper?
How about getting a customized one?

Can't find What you were Looking for?

Get access to our huge, continuously updated knowledge base

The next update will be in:
14 : 59 : 59